By the end of this year, Capgemini and RBC Wealth Management anticipate that the wealth of high-net-worth (HNW) North Americans will have grown by 7%. With billions of dollars on the line, it’s more important than ever that HNW individuals implement proper insurance risk management strategies to help defend their financial well-being. While many have taken the necessary precautions to protect their families, assets and livelihoods, an emerging crop of unfamiliar property and casualty exposures — from vulnerabilities related to the Internet of Things, cyber-extortion and passionate pursuits — threaten to disrupt the best-laid 2017 insurance programs.
Emerging Risk No. 1: The Internet of (a Billion) Things
While it drives efficiencies, the Internet of Things (IoT) also poses unique property and casualty risks for HNW individuals. Coupled with the fact that there are already more than 6 billion connected “things” in use around the world (that number is expected to rise to 20 billion by 2020), the exposures are potentially endless.
These cloud-connected devices include everything from mundane self-monitoring home appliances — such as washing machines, refrigerators, smoke alarms and thermostats — to wireless personal assistants that can report on the weather and manage your shopping list. Many of these devices can be particularly beneficial in secondary or seasonal homes; monitoring, for example, if the temperature inside drops to the point that pipes could freeze or burst.
While helpful, not to mention cool, the major risk in this thriving technology ecosystem is that just a single connected object may open the door into the user’s privacy and security, in turn giving hackers access to extremely sensitive personal and financial data. As many internet-connected devices are linked to other devices, this can create a domino effect and give hackers access to an even wider range of information.
It is therefore critical that HNW individuals take the proper steps to safeguard their internet-enabled devices. Creating a password that contains a range of upper and lower case letters, symbols and numbers for each device is a good place to start. It is also important not to use the same password on multiple devices.
Emerging Risk No. 2: Give Me Your Bitcoins or Else!
The IoT is just one area of concern expected to be front and center for HNW individuals as the new year unfolds. Ransomware attacks, old-fashioned extortion with a twist, are another.
Consider the scenario where a hacker breaches a user’s IT system by “phishing”: sending an infected email or an attachment that looks like the real thing. In some cases, a hacker might send an authentic looking email with a corrupted link that directs users to an infected website or prompts the download of malicious adware — pop-up ads promising a 25% discount for a pair of designer shoes. These entreaties look so professional that the target is encouraged to click on them.
That’s when the troubles begin. All of a person’s files are instantaneously encrypted and unavailable for personal access or use. The user’s computer system is completely locked up; only the hacker has the encryption key. To unlock the system, the victim is alerted that they have 48 hours in which to pay a ransom, typically in the digital currency bitcoin. For the nearly half of all consumers who have never heard of ransomware and don’t know what to do, the clock is now ticking.
Although the Federal Bureau of Investigation advises against it, most people pay the ransom, which is often a small amount. Although many hackers are extremely polite in their online correspondence, even sending educational links on how to pay the ransom in bitcoin, they’re hardened criminals who want to cause disruption. A USA Today article, for example, noted that a ransomware attack hit San Francisco’s light rail system during the busy 2016 holiday shopping season.
In the event that the person or organization decides not to pay the ransom, the victim may be offline for days, if not weeks, while a technician rebuilds the computer system. During this time, they have no access to or use of their computer applications, assuming these are not backed up in the cloud or at a separate offsite location. Fortunately for San Francisco’s transportation agency, the department said it never considered paying the ransom because it had an IT team that could restore the system. Many victims aren’t so lucky.